Sunday, August 10, 2014

DLL Injection: Executing and Testing DLLs

DLL (Dynamic Link Library) injection is the process of loading a DLL into a target process so that code in the DLL executes in the context of the target process.

Example Code Snippet

How to test a DLL
RUNDLL32.EXE dll_name,EntryPoint [options]



The AppInit_DLLs value is found at
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows
Set the AppInit_DLLs value (type REG_SZ) to the DLL's path. Executables that do not link with User32.dll do not load AppInit DLLs.

NOTE: The above registry change might cause inconvenience, as you might see too many pop-ups, since the DLL is loaded by every process that links with User32.dll.
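To review whether a host has this mechanism configured, the following added example (not code from the original post) parses the text output of `reg query` for the key above and summarises what is listed. The LoadAppInit_DLLs and RequireSignedAppInit_DLLs values are Windows settings in the same key that the post does not mention; the sample output and the trusted-directory prefixes are constructed assumptions.

```python
import re

# Constructed sample of `reg query` text output (not captured from a real host).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows
    AppInit_DLLs    REG_SZ    C:\Users\Public\hook.dll,C:\Windows\System32\legit.dll
    LoadAppInit_DLLs    REG_DWORD    0x1
    RequireSignedAppInit_DLLs    REG_DWORD    0x0
"""

VALUE_LINE = re.compile(r"^\s+(\S+)\s+(REG_\w+)\s*(.*)$")
# Assumption: directories treated as expected install locations on this host.
TRUSTED_PREFIXES = ("c:\\windows\\", "c:\\program files")


def parse_reg_query(text):
    """Map lower-cased value name -> data string from `reg query` output."""
    values = {}
    for line in text.splitlines():
        m = VALUE_LINE.match(line)
        if m:
            values[m.group(1).lower()] = m.group(3).strip()
    return values


def dword(values, name):
    """Return a REG_DWORD as int, or None when the value is absent."""
    data = values.get(name)
    return int(data, 16) if data else None


def audit_appinit(text):
    """Summarise the AppInit_DLLs configuration for review."""
    values = parse_reg_query(text)
    # AppInit_DLLs may list several DLLs separated by spaces or commas.
    dlls = [d for d in re.split(r"[ ,]+", values.get("appinit_dlls", "")) if d]
    return {
        "dlls": dlls,
        "loading_enabled": dword(values, "loadappinit_dlls"),
        "signing_required": dword(values, "requiresignedappinit_dlls"),
        "outside_trusted_dirs": [
            d for d in dlls if not d.lower().startswith(TRUSTED_PREFIXES)
        ],
    }


if __name__ == "__main__":
    for key, value in audit_appinit(SAMPLE).items():
        print(f"{key}: {value}")
```

On 64-bit Windows the same values also exist under HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows for 32-bit processes, so both views need checking.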

